Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobeCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.1.1.1 Ensure minimum passcode length is set to at least 6 charactersCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.1.1.1.8 Ensure only allow numeric passcode is set to disabledCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure waiting room options is set to everyoneCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.1.1.4 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.1.8 Ensure embed password in meeting link for one-click join is set to enabledCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.1.2.2 Ensure host video is set to disabledCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.1.5 Ensure nosuid option set on /tmp partitionCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.6.1.6 Ensure no unconfined daemons existCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.2 Ensure local login warning banner is configured properly - msrvCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.7.1.3 Ensure remote login warning banner is configured properly - banner_checkCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.1.2 Ensure 'Controls when the profile can be removed' is set to 'Always'MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT

2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT

2.3.17.8 (L1) Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

3.1.1 Ensure IP forwarding is disabled - /etc/sysctl.conf /etc/sysctl.d/* net.ipv4.ip_forward = 0CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.1.1 Ensure IP forwarding is disabled - /etc/sysctl.conf /etc/sysctl.d/* net.ipv6.conf.all.forwarding = 0CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv6.conf.default.accept_source_route = 0CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirects=0CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2.7 Ensure Reverse Path Filtering is enabled - /etc/sysctl.conf /etc/sysctl.d/* net.ipv4.conf.default.rp_filter = 1CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2.8 Ensure TCP SYN Cookies is enabled - sysctlCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.3.5 Ensure permissions on /etc/hosts.deny are configuredCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

4.2.4 Ensure permissions on all logfiles are configuredCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.1.8 Ensure at/cron is restricted to authorized users - cron.deny does not existCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.2.4 Ensure permissions on SSH private host key files are configuredCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.2.5 Ensure permissions on SSH public host key files are configuredCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.2.14 Ensure SSH PermitUserEnvironment is disabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900'CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profileCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

6.2.3 Ensure no legacy "+" entries exist in /etc/shadowCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.5 Ensure root is the only UID 0 accountCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

6.2.11 Ensure no users have .forward filesCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.16 Ensure no duplicate UIDs existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.16 Ensure no duplicate UIDs existCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

6.2.18 Ensure no duplicate user names existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

9.1 Starting Tomcat with Security ManagerCIS Apache Tomcat 9 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

9.3 Disable deploy on startup of applicationsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.9 Do not allow custom header status messagesCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

10.11 Configure maxHttpHeaderSizeCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.13 Do not allow symbolic linkingCIS Apache Tomcat 8 L1 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.15 Do not resolve hosts on logging valvesCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

10.16 Enable memory leak listenerCIS Apache Tomcat 10 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

10.16 Enable memory leak listenerCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

18.1.1.2 (L1) Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

18.6.9.1 (L1) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.9.11.1.14 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

CONFIGURATION MANAGEMENT

18.9.95.1 Ensure 'Turn on PowerShell Script Block Logging' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

CONFIGURATION MANAGEMENT